• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-862

CVE-2022-3096

February 23, 2023 by godfreyd94

The WP Total Hacks WordPress plugin through 4.7.2 does not prevent low privilege users from modifying the plugin’s settings. This could allow users such as subscribers to perform Stored Cross-Site Scripting attacks against other users, like administrators, due to the lack of sanitisation and escaping as well.

CVE-2022-30715

February 23, 2023 by godfreyd94

Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.

CVE-2022-30731

February 23, 2023 by godfreyd94

Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to access arbitrary private files in My Files application.

CVE-2022-3048

February 23, 2023 by godfreyd94

Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.

CVE-2022-2985

February 23, 2023 by godfreyd94

In music service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.

CVE-2022-2987

February 23, 2023 by godfreyd94

The Ldap WP Login / Active Directory Integration WordPress plugin before 3.0.2 does not have any authorisation and CSRF checks when updating it’s settings (which are hooked to the init action), allowing unauthenticated attackers to update them. Attackers could set their own LDAP server to be used to authenticated users, therefore bypassing the current authentication

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 174
  • Go to page 175
  • Go to page 176
  • Go to page 177
  • Go to page 178
  • Interim pages omitted …
  • Go to page 211
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE